I’m a big believer in learning by doing. There are certain things that are difficult to fully understand or appreciate until you’ve experienced them yourself.
A phishing attack should probably not be one of those things.
If you’re not up to speed on cybersecurity lingo, let’s start with a definition. Phishing is when a cyber attacker tries to gain access to sensitive information by pretending to be someone else.
Phishing usually occurs via email. The attacker might disguise themselves as a colleague to gain your login credentials, for example, or as your bank in order to obtain your credit card information and social security number. Unlike other kinds of cyberattacks, phishing targets vulnerabilities in people rather than gaps in technology. The goal is to convince you the message you’re looking at came from a legitimate, trustworthy source, thereby tricking you into following a fraudulent link or downloading a file containing a virus. Sometimes, the forged website or file looks like what you’d expect—it’s only details such as a weird URL string, misshapen logo, or incorrect contact information that would give the attack away.
Spotting phishing attacks certainly gets easier with practice, but for (hopefully) obvious reasons, you shouldn’t go around clicking every button in every email you receive.
Fortunately, Google launched a quick, interactive quiz that allows you to practice discerning fraudulent messages from real ones.
The quiz was designed to be as realistic as possible. The interface looks like an everyday email window, and some of the emails are actually based on real-world attacks. You can click around and make mistakes without putting yourself or your organization at risk. And you will make mistakes—I got a measly 5/8 my first time around.
For the sake of cybersecurity literacy, take the 2-minute quiz right now—and see if you can beat my score.
Protect your business and safeguard your data with KPA’s Cybersecurity Training.
In today’s data-rich environment, you may have the most high-tech security deployed to your systems. But if your workforce isn’t up to speed on the cybersecurity dangers at hand and how each employee is crucial to combating them, you’re neglecting your most important protection.
Your employees provide the best security, or greatest vulnerability, for the private data you are responsible for safeguarding. Every member of your workforce needs to be aligned on the goals of maintaining privacy standards and protocols to protect private information.